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FINAL ACTION 

1 . Amendment A, received on 19 December 2008, lias been entered into record. In 
tliis amendment, claims 2, 5, 8, 11, and 13-16 have been amended. 

2. Claims 2-1 6 are presented for examination. 

Response to Arguments 

3. With regard to the objections of the specification and drawings, the applicant has 
submitted amendments, and the examiner hereby withdraws the objections. 

4. Applicant's arguments filed 19 December 2008 have been fully considered but 
they are not persuasive. 

Applicant's arguments with regard to the structure of claim 2 do not comply with 
37 CFR 1.111 (c) because they do not clearly point out the patentable novelty which he 
or she thinks the claims present in view of the state of the art disclosed by the 
references cited or the objections made. Further, they do not show how the 
amendments avoid such references or objections. 

As to claim 2, it is argued by the applicant that de Jong does not disclose 
functional lockers each require references to files of a user stored only by that user, and 
which user has access to the stored references therein that is different dependent on 
the type of functional locker. The examiner respectfully disagrees. De Jong discloses 
that content is provided by a content producer (i.e. first user) (0175, lines 1-4) and that a 
URL (i.e. reference) with indicators specifies the digital content (01 10, lines 1-6). It is 
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noted that the applicant claims the functional locker providing at least one of the cited 
functions. 

Claim Objections 

5. Claims 2 and 13 are objected to because of the following informalities: 

a. In claim 2, line 24: "a second file" is unclear if it relates to "a second file" 
(claim 2, line 15); 

b. In claim 13, line 21 : "a other user" is unclear. The examiner suggests the 
applicant amend this phrase to "a different user" or the like. 

Appropriate correction is required. 

Claim Rejections - 35 USC § 103 

6. The following is a quotation of 35 U.S.C. 1 03(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

7. Claims 2-10 and 13 are rejected under 35 U.S.C. 103(a) as being unpatentable 
over de Jong et al. (US 2004/0054750 A1 and de Jong hereinafter) and in view of 
Challener (US 2003/0174842 Al). 

As to claim 2, de Jong discloses a system and method for digital content access control, 
the system and method having: 

accessing the server over an internet (0081 , lines 1 6-1 7); 
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sending, by the server (i.e. provisioner), a client program (i.e. tol<ens) 
to a first local computer of the first user, the client program enabling an 
authentication of the first user using the user certificate and a transmission 
of at least one further security requirement (0127, lines 1-3, 5-10); 

setting up a personal main folder (i.e. content repository) on the server 
for the first user, the main folder having a first special file (i.e. content rights 
database) including a first security requirement defined for the main folder 
and first management information so as to provide a main locker (0098, 
lines 4-9; 0099, lines 4-7); 

configuring the personal main folder to have at least one further 
folder (i.e. content associated with request) set up therein, the at least one 
further folder having a function and a second file including a second 
security requirement (i.e. token) defined for the at least one further folder 
and including second management information so as to provide a 
functional locker (0098, lines 9-14; 0099, lines 4-13, 16-19); 

displaying the functional locker only if at least one security-relevant 
requirement is met so as to provide a locker system having a virtual 
character, wherein the functional locker provides a function of at least one 
of (0102, lines 25-32): 

a personal locker, wherein a reference to first files of the first user is 
storable in the personal locker only by the first user and displayable only to 
the first user; 
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a provisioning locker, wherein a first reference (i.e. URL) to a second 
file for another user being storable by the first user (i.e. content producer) 
therein (0109, lines 2-3; 0110, lines 1-6; 0175, lines 1-4); 

a receiving locker, wherein a third file of a sender user of the users is 
storable therein only by the second user, the receiving locker being 
configured, when opened, to provide to the first user a sender user 
reference relating to the storage of the third file and to a sender user 
defined security requirement. 

De Jong does not disclose: 

upon request, issuing, by an operator of the server, to a first user of 
the users a user certificate for access conditions, and providing the user 
certificate and a secret key to the first user. 

Nonetheless, this feature is well known in the art and would have been an obvious 

modification of the teachings disclosed by de Jong, as evidenced by Challener. 

Challener discloses a system and method for managing private keys, the system and 

method having: 

issuing, upon request by an operator of the server (i.e. CA), to a first 
user of the users a user certificate for access conditions (0005, lines 1-7); 

providing the user certificate and a secret key to the first user (0005, 
lines 1-7). 

Given the teaching of Challener, a person having ordinary skill In the art at the time of 
the invention would have readily recognized the desirability and advantages of 
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modifying tine teacliings of de Jong with the teachings of Challener by providing a user 
with a certificate and key. Challener recites motivation by disclosing that using 
encryption is a well known method of providing security for communications between 
two computers in a network (0004, lines 7-8). It is obvious that the teachings of 
Challener would have improved the teachings of de Jong by providing for encryption in 
order to secure communications. 

As to claim 3, de Jong does not disclose: 

wherein the certificate includes a public key. 

Nonetheless, this feature is well known in the art and would have been an obvious 
modification of the teachings disclosed by de Jong, as evidenced by Challener. 
Challener discloses: 

wherein the certificate includes a public key (0005, lines 1-3). 
Given the teaching of Challener, a person having ordinary skill in the art at the time of 
the invention would have readily recognized the desirability and advantages of 
modifying the teachings of de Jong with the teachings of Challener by using a public key 
in a certificate. Challener recites motivation by disclosing that using a public key in a 
certificate allows all parties to access the public key (0005, lines 5-6). It is obvious that 
the teachings of Challener would have improved the teachings of de Jong by using a 
certificate with a key in order to allow all parties to have access to the key. 



As to claim 4, de Jong does not disclose: 
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providing a public key to the first user. 

Nonetheless, this feature is well known in the art and would have been an obvious 
nnodification of the teachings disclosed by de Jong, as evidenced by Challener. 
Challener discloses: 

providing a public key to the first user (0005, lines 4-6). 
Given the teaching of Challener, a person having ordinary skill in the art at the time of 
the invention would have readily recognized the desirability and advantages of 
modifying the teachings of de Jong with the teachings of Challener by providing a public 
key to a user. Please refer to the motivation recited above in respect to claim 2 as to 
why it is obvious to apply the teachings of Challener to the teachings of de Jong. 

As to claim 5, de Jong does not disclose: 

wherein the providing the user certificate and the secret key to the 
first user is performed by providing the user certificate and the secret key 
on a smart card. 

Nonetheless, this feature is well known in the art and would have been an obvious 
modification of the teachings disclosed by de Jong, as evidenced by Challener. 
Challener discloses: 

wherein the providing the user certificate and the secret key to the 

first user is performed by providing the user certificate and the secret key 

on a smart card (0008, lines 1-3). 



Application/Control Number: 10/563,337 Page 8 

Art Unit: 2431 

Given tine teacliing of Cliallener, a person having ordinary sl^ill in the art at the time of 
the invention would have readily recognized the desirability and advantages of 
modifying the teachings of de Jong with the teachings of Challener by providing key 
information on a smart card. Challener recites motivation by disclosing that smart cards 
are small and can hold memory and logic (0008, lines 1-2). It is obvious that the 
teachings of Challener would have improved the teachings of de Jong by providing key 
information on a smart card in order to provide security using a small device. 

As to claim 6, de Jong discloses: 

wherein the at least one further security requirement includes at 
least one of a biometric system requirement, a geographic positioning 
requirement, a time restriction, a network requirement, and a computer 
data requirement (0098, lines 19-22). 

As to claim 7, de Jong discloses: 

wherein the at least one further security requirement includes a time 
dependency (0164, lines 2-5). 

As to claim 8, de Jong discloses: 

wherein the at least one further security requirement is a 
requirement of at least one of the operator of the server, the first user, and 
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the sender (i.e. user of one or more users) of the third file (0098, lines 4-8, 1 9- 
22). 



As to claim 9, de Jong discloses: 

wherein the provisioning loclter has a name associated therewith 

(0110, lines 1-6). 



As to claim 10, de Jong discloses: 

wherein the provisioning loclter includes a user locker for the 
another user (Abstract, lines 9-10). 



As to claim 13, de Jong discloses: 

wherein the first user and the second user are each registered with 
the server, and further comprising setting up a second personal main 
folder on the server for the second user registered with the server, the 
second main folder having a respective first special file including a 
respective first security requirement defined for the respective main folder 
and respective management information so as to provide a respective 
locker (0098, lines 4-9; 0099, lines 4-7), 

configuring each respective main folder to have respective further 
folders set up therein, the respective further folders each having a 
respective function and each having a respective second file including a 
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respective second security requirement defined for the respective further 
folders and including the respective management information, each of the 
further folders acting as a respective functional locker (0098, lines 9-14; 
0099, lines 4-13, 16-19), 

displaying each functional locker only if a respective security- 
relevant requirement is met, so as to provide a respective locker system 
having a virtual character (0102, lines 25-32), each functional locker 
providing a respective function of at least one of: 

a respective personal locker, respective first files being storable in 
the respective personal locker only by the respective user and displayable 
only to the respective user; 

a respective provisioning locker, wherein a respective first reference 
to a respective second file for a other user being storable by the respective 
user therein (0109, lines 2-3; 0110, lines 1-6; 0175, lines 1-4); 

a respective receiving locker for a respective third file available to a 
respective sender user of the users, the respective receiving locker being 
configured, when opened, to provide to the respective user a respective 
sender user reference relating to the storage of the respective third file and 
to a respective sender user defined security requirement; 

a respective public locker configured to store, by the first user, the 
first reference to the second file when the first reference is stored in the 



Application/Control Number: 1 0/563,337 Page 1 1 

Art Unit: 2431 

provisioning ioclter, if access to the first reference is offered to a plurality 
of other users. 

The examiner notes that the process of claim 13 uses the similar process of claim 2 to 
create a second instance. It would have been obvious to one of ordinary skill in the art 
at the time the invention was made to repeat the same process of claim 2 to create 
another instance of the folder because a mere duplication only involves routine skill in 
the art. 

8. Claims 14-16 are rejected under 35 U.S.C. 103(a) as being unpatentable over de 
Jong in view of Challener as applied to claim 2 above, and further in view of Perlman 
(US Patent 5,901,227). 

As to claim 14, de Jong in view of Challener discloses: 

encrypting the data using the access key (0004, lines 8-10); 

encrypting, by the server, the transmitted encrypted data a second 
time (0032, lines 5-8; 0033, lines 8-10). 
Given the teaching of Challener, a person having ordinary skill in the art at the time of 
the invention would have readily recognized the desirability and advantages of 
modifying the teachings of de Jong with the teachings of Challener by encrypting data 
with a key. Please refer to the motivation recited above in respect to claim 2 as to why 
it is obvious to apply the teachings of Challener to the teachings of de Jong. 

De Jong in view of Challener does not disclose: 
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storing a fourth file in the functional locker only if the second 
security requirement is met; 

generating a random number from data of the fourth file so as to 
provide an access key; 

subsequently encrypting the access key with the public key and then 
destroying the access key so that the access key, for accessing the stored 
file, can only be recovered using the secret key; 

receiving, at the server, the encrypted data, fourth management 
information of the fourth file, and the encrypted access key; 

generating a unique file identifier for the fourth file; 

storing the fourth file in a system locker using the file identifier; 

storing a fourth reference to the fourth file in the functional locker, 
the fourth reference including the unique file identifier, the encrypted 
access key, and the fourth management information. 
Nonetheless, these features are well known in the art and would have been an obvious 
modification of the teachings disclosed by de Jong in view of Challener, as evidenced 
by Perl man. 

Perlman discloses a system and method for implementing partial and complete optional 
key escrow, the system and method having: 

storing a fourth file in the functional locker only if the second 

security requirement (i.e. minimum fulfilled) is met (col. 5, lines 55-57; col. 6, 
lines 10-14); 
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generating a random number (i.e. nonce) from data of the fourth file 
so as to provide an access key (col. 1 , lines 29-30). It would have been 
obvious to one of ordinary skill in the art at the time the invention was made to 
derive a random number from data since it is known in the art that linking data 
content to encryption increases security. 

subsequently encrypting the access key with the public key and then 
destroying the access key so that the access key, for accessing the stored 
file, can only be recovered using the secret key (col. 4, lines 44-45, 47-49); 

receiving, at the server, the encrypted data, fourth management 
information of the fourth file, and the encrypted access key (col. 5, lines 29- 
36); 

generating a unique file identifier (i.e. DID) for the fourth file (i.e. 
escrow information) (col. 6, lines 46-48); 

storing the fourth file in a system locker using the file identifier (col. 
5, lines 55-57; col. 6, lines 32-33); 

storing a fourth reference to the fourth file in the functional locker, 
the fourth reference including the unique file identifier, the encrypted 
access key, and the fourth management information (col. 5, lines 31-36). 
Given the teaching of Perlman, a person having ordinary skill in the art at the time of the 
invention would have readily recognized the desirability and advantages of modifying 
the teachings of de Jong in view of Challener with the teachings of Perlman by 
transferring a hidden key and storing information. Perlman recites motivation by 



Application/Control Number: 10/563,337 Page 14 

Art Unit: 2431 

disclosing tliat encrypting l^eys ensures tliat tine information is safe from an 
eavesdropper (col. 1 , lines 43-45) and storing information using a pointer so that the 
information can be shared (col. 6, lines 19-22). It is obvious that the teachings of 
Perlman would have improved the teachings of de Jong in view of Challener by 
transferring a hidden key and storing information so that the information can be 
protected while being shared. 

As to claim 15, de Jong in view of Challener discloses: 

wherein the functional loclter is the provisioning loclter including a 
user file (i.e. messages) for the other user (0024, lines 5-7), and further 
including the steps of: enabling the stored fourth file to be forwarded by 
the first user to the other user only if the first user decrypts the encrypted 
access key with the secret key and re-encrypts the decrypted access key 
with a second public key of the other user (0033, lines 4-10), 

storing the re-encrypted access key, the file unique identifier and the 
fourth management information, as the fourth reference to the file into the 
user locker (0027, lines 11-14; 0033, lines 10-12). 
Given the teaching of Challener, a person having ordinary skill in the art at the time of 
the invention would have readily recognized the desirability and advantages of 
modifying the teachings of de Jong with the teachings of Challener by re-encrypting the 
key and storing it with information. Challener recites motivation by disclosing that 
encrypting the key assures an administrator that the information is sent only to an 
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authorized client (0035, lines 1 0-1 2). It is obvious that the teachings of Challener would 
have improved the teachings of de Jong by storing a re-encrypted key in order to 
ensure the integrity of the key. 

As to claim 16, de Jong in view of Challener does not disclose: 

wherein the second management information includes a 
management requirement, and wherein the storing the fourth file is 
performed only if the management requirement is met. 

Nonetheless, this feature is well known in the art and would have been an obvious 
modification of the teachings disclosed by de Jong in view of Challener, as evidenced 
by Perl man. 
Perlman discloses: 

wherein the second management information includes a 

management requirement, and wherein the storing the fourth file (i.e. 

escrow information) is performed only if the management requirement is met 

(col. 5, lines 55-57; col. 6, lines 10-14). 
Given the teaching of Perlman, a person having ordinary skill in the art at the time of the 
invention would have readily recognized the desirability and advantages of modifying 
the teachings of de Jong in view of Challener with the teachings of Perlman by storing 
information only if a requirement is met. Perlman recites motivation by disclosing that 
only Information that follows certain requirements, such as the requirements of a 
government (col. 6, lines 13-14) can be used. It is obvious that the teachings of 
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Perlman would have improved tine teacliings of de Jong in view of Challener by storing 
information if a condition is met in order to ensure compliance with regulations. 

9. Claims 11-12 are rejected under 35 U.S.C. 103(a) as being unpatentable over de 
Jong in view of Challener as applied to claim 2 above, and further in view of Winiger et 
al. (US 2004/0010715 A1 and Winiger hereinafter). 
As to claim 1 1 , de Jong in view of Challener does not disclose: 

wherein the receiving locker has a name associated with a sender of 
the third file. 

Nonetheless, this feature is well known in the art and would have been an obvious 
modification of the teachings disclosed by de Jong in view of Challener, as evidenced 
by Winiger. 

Winiger discloses a system and method for specifying a repository for an authentication 
token, the system and method having: 

wherein the receiving locker has a name associated with a sender 

(i.e. user) of the third file (i.e. password) (0039, lines 7-8). 
Given the teaching of Winiger, a person having ordinary skill in the art at the time of the 
invention would have readily recognized the desirability and advantages of moditying 
the teachings of de Jong in view of Challener with the teachings of Winiger by using a 
name associated with data. Winiger recites motivation by disclosing that the use of 
identification information such as a name enables a system to perform operations such 
as a password change (0039, lines 3-7). It is obvious that the teachings of Winiger 
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would have improved the teachings of de Jong in view of Challener by associating a 
name with data in order to provide for operations such as password changes. 

As to claim 1 2, de Jong in view of Challener does not disclose: 

wherein the receiving loclter includes a user loclter for the sender 

user. 

Nonetheless, this feature is well known in the art and would have been an obvious 
modification of the teachings disclosed by de Jong in view of Challener, as evidenced 
by Winiger. 
Winiger discloses: 

wherein the receiving loclter includes a user locker (i.e. storage of 
password in repository) for the sender user (0030, lines 3-4). 
Given the teaching of Winiger, a person having ordinary skill in the art at the time of the 
invention would have readily recognized the desirability and advantages of modifying 
the teachings of de Jong in view of Challener with the teachings of Winiger by providing 
for a locker for a user. Winiger recites motivation by disclosing that storing a token with 
which to compare inputted information allows for authentication (0004, lines 7-13). It is 
obvious that the teachings of Winiger would have improved the teachings of de Jong in 
view of Challener by providing a locker for a user in which to store data so that the 
information can be used for authentication. 
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Conclusion 

10. THIS ACTION IS MADE FINAL. Applicant is reminded of tine extension of time 
policy as set forth in 37 CFR 1 .136(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within 
TWO MONTHS of the mailing date of this final action and the advisory action is not 
mailed until after the end of the THREE-MONTH shortened statutory period, then the 
shortened statutory period will expire on the date the advisory action is mailed, and any 
extension fee pursuant to 37 CFR 1 .136(a) will be calculated from the mailing date of 
the advisory action. In no event, however, will the statutory period for reply expire later 
than SIX MONTHS from the mailing date of this final action. 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Sarah Su whose telephone number is (571 ) 270-3835. 
The examiner can normally be reached on Monday through Friday 7:30AM-5:00PM 
EST.. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Ayaz Sheikh can be reached on (571 ) 272-3795. The fax phone number for 
the organization where this application or proceeding is assigned is 571-273-8300. 
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Information regarding tine status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a 
USPTO Customer Service Representative or access to the automated information 
system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 

/Sarah Su/ 

Examiner, Art Unit 2431 

/Christopher A. Revak/ 
Primary Examiner, Art Unit 2431 



